CVE-2021-21671

Опубликовано: 30 июн. 2021

Источник: debian

Описание

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.

Пакет	Статус	Версия исправления	Релиз	Тип
jenkins	removed			package

CVE-2021-21671

CVSS3: 7.5

redhat

больше 4 лет назад

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.

CVE-2021-21671

CVSS3: 7.5

nvd

больше 4 лет назад

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the previous session on login.

GHSA-4wr9-2xc6-jmg5

CVSS3: 7.5

github

больше 3 лет назад

Session fixation vulnerability in Jenkins